piwonia2121 utworzono 15 listopada 2013 utworzono 15 listopada 2013 komputer zwariowal, niemozna zainstalowac zadnego antywirusa bo instalacja zostaje przerywana, niemozna ogladac filmow,stronki sie nieladuja-chyba ze ruszysz myszka. w dodatku dzialam na koncie administratora a dostepu do programow jako administartor nie mam( no hijackthis- niemoge zaznaczyc opcji uruchom jako administator) ponizej przesylam logi hijackthis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:53:18, on 15/11/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16520) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe C:\ProgramData\Updater\updater.exe C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Users\Robus\AppData\Local\Smartbar\Application\SnapDo.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Optimizer Pro\OptProReminder.exe C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe C:\Windows\system32\wbem\unsecapp.exe C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe C:\ProgramData\RHelpers\IEHelper\IeHelper.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Windows\system32\wuauclt.exe C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\System32\notepad.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AFW^xdm004^YYA^gb&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&si=CPD09PGo0roCFQ7LtAodBmcAtQ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {97ef77e6-97be-4204-a890-2485903c5624} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (file missing) O2 - BHO: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files\IminentToolbar\1.8.26.8\bh\iminent.dll O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (file missing) O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing) O2 - BHO: Tube Dimmer - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~1\APPGRA~1\APPGRA~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: DataMngr - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\PROGRA~1\SEARCH~2\Datamngr\BROWSE~1.DLL O2 - BHO: Toolbar BHO - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\PROGRA~1\PACKAG~2\bar\1.bin\69bar.dll O2 - BHO: Search Assistant BHO - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (file missing) O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll O2 - BHO: Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\PROGRA~1\SEARCH~2\Datamngr\ToolBar\searchcoredtx.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - (no file) O2 - BHO: PETN - {CF28D96E-985F-43A6-B320-C2186B551472} - C:\Users\Robus\AppData\Local\TidyNetwork\petn.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - (no file) O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll O3 - Toolbar: Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\PROGRA~1\SEARCH~2\Datamngr\ToolBar\searchcoredtx.dll O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) O3 - Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file) O3 - Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: PackageTracer - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll O3 - Toolbar: Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files\IminentToolbar\1.8.26.8\iminentTlbr.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PackageTracer Search Scope Monitor] "C:\PROGRA~1\PACKAG~2\bar\1.bin\69srchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [PackageTracer_69 Browser Plugin Loader] C:\PROGRA~1\PACKAG~2\bar\1.bin\69brmon.exe O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Robus\AppData\Local\Smartbar\Application\SnapDo.exe startup O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe O4 - HKUS\S-1-5-18\..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f (User 'Default user') O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (file missing) O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: rebinfo - (no CLSID) - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (file missing) O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Optimizer Pro Crash Monitor (ca82e1a5) - Unknown owner - c:\progra~1\optimi~1\OptProCrash.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Nielsen Update (NielsenUpdate) - Unknown owner - C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe O23 - Service: PackageTracerService (PackageTracer_69Service) - COMPANYVERS_NAME - C:\PROGRA~1\PACKAG~2\bar\1.bin\69barsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SProtection - Iminent - C:\Program Files\Common Files\Umbrella\umbrella.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: WajamUpdater - Wajam - C:\Program Files\Wajam\Updater\WajamUpdater.exe O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- End of file - 15872 bytes bardzo prosze o pomoc
Zayfi komentarz 15 listopada 2013 komentarz 15 listopada 2013 Wykonaj logi z OTL. Hijackthis to nie jest narzedzie na dzisiejsze czasy. http://www.forumpc.pl/topic/277786-nieingerencyjne-narz%C4%99dzia-do-tworzenia-log%C3%B3w-systemowych/
piwonia2121 komentarz 18 listopada 2013 Autor komentarz 18 listopada 2013 Wykonaj logi z OTL. Hijackthis to nie jest narzedzie na dzisiejsze czasy. http://www.forumpc.pl/topic/277786-nieingerencyjne-narz%C4%99dzia-do-tworzenia-log%C3%B3w-systemowy oto moje logi z otl: pierwszy log: OTL Extras logfile created on: 18/11/2013 17:12:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robus\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.96 Gb Total Physical Memory | 0.46 Gb Available Physical Memory | 23.26% Memory free 4.15 Gb Paging File | 1.81 Gb Available in Paging File | 43.51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 109.88 Gb Total Space | 42.58 Gb Free Space | 38.75% Space Free | Partition Type: NTFS Drive D: | 3.68 Gb Total Space | 2.58 Gb Free Space | 70.21% Space Free | Partition Type: FAT32 Drive F: | 110.00 Gb Total Space | 27.75 Gb Free Space | 25.23% Space Free | Partition Type: NTFS Computer Name: ROBUS-PC | User Name: Robus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Users\Robus\AppData\Roaming\File Scout\filescout.exe" /open "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09E57FE7-4329-4675-B1E0-0559408DB718}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{0D012FD8-591A-4EE6-B7A2-3E4D8EDECA6F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{0E15A06D-2DCC-4931-B4BE-253007B512CF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2329CC35-D56C-49B4-9E5B-303E3F99168D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{24D415CA-28A7-4DBF-BB1A-8B1D217DCE08}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{343A6944-F16F-444B-ADC7-50A850078B0E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{37783111-8D9F-45E4-A3E9-F305E349403D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3DBFFE13-E610-4DC0-9A1A-349B4B66D061}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{46F7F666-5F31-4CDC-9A64-DD4767FD7858}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{514A0B49-5598-44A1-ACD4-B5C14B6490A1}" = lport=2869 | protocol=6 | dir=in | app=system | "{522C475F-A6D4-43C1-BCDD-9E94706ABC90}" = lport=10243 | protocol=6 | dir=in | app=system | "{5DE38597-7C4B-4AB0-AD7E-762546580FEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5ED171C9-D092-4707-8DA1-EEB31767FAFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{6590A138-12EE-46D5-9726-18C7DEA5196D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{72908CBB-18AB-47AA-BAA9-EECF0A292ECA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{99C5F126-66F9-4E83-B720-8AEC15B23C71}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CE389637-A61B-43D7-A6EE-97DD006FCFB1}" = rport=10243 | protocol=6 | dir=out | app=system | "{D6C33A74-A63B-4AB1-8286-1992D35DFE5E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{E564E6AC-FBF2-4A9E-92C6-B4B1A17B6D15}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{F57F37EB-344E-4B69-9C31-C84FB3A6B96F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{F86C5096-05EA-4F70-B0A3-87D0F304D000}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{007DA2D9-9F27-4DBB-891B-F48B13882468}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe | "{01EC194A-368B-4C68-8A58-15047175C5D5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{07D5C717-6565-441A-9F30-58579182B00F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{0F0D8847-BCAE-475A-AA61-1B00A3431FF3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{16608A55-9C14-4E9B-AA83-DEAE865DACFF}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{2069F461-A1B5-4C1C-A024-CC0EB9750FBB}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{26083FAD-9914-4414-A319-FE39A0B3FE10}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{29DCE9B0-19D0-4FD0-99D9-4F3CB3BA974F}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{3764DD0E-FB27-4662-AECD-FD7D45A584AF}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{38EC442A-86B8-4BA8-93BD-093EEA3A753A}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe | "{3BD8CE5F-ECB0-4057-AF0B-5483DEF5CA93}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | "{3F757DC8-4292-4077-99A4-3E902E849A2A}" = dir=in | app=c:\users\robus\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{427BE879-8ADD-471A-90A8-FCC7CA5B87D3}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe | "{4695D56F-2FE0-4CF8-9ADC-024F58E7BA18}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | "{4F1778B0-1D8E-424C-81F1-CBE80C98EB9B}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | "{4FB274A7-21A1-4746-AAC0-DE6D44A6D2E8}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe | "{4FD8C510-DCBE-46C4-BB7C-4270D7977F24}" = dir=in | app=c:\program files\finalmediaplayer\fmpcheckforupdates.exe | "{5547C032-9F2A-4007-869F-EA5C8EF3FA4A}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{5AE9F5FA-CD6C-4A3B-A076-FF17E540A800}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | "{62EDA1A6-11CF-45C5-9F9E-B896889F58F7}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{65445F47-7C0E-4782-8D9A-9C2909C9D5B3}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe | "{6839A075-06FF-45C5-86C0-8C39E59812BF}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | "{724CFB35-63DE-4ACD-8584-CD114794571E}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe | "{7873E0FF-D7CA-467A-B382-5543D2DD49CD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{790D4615-09EE-4CC0-B22D-E835B02FF70A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{82701796-1DE2-476F-A4FE-3AFE0D0A7DB9}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe | "{84207853-F981-433B-8C2D-A4A820ACFFA6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8460E31C-0689-4691-A23F-63B33D558613}" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\utorrent\utorrent.exe | "{859D0FB2-29A0-4AB5-871E-C4EDFBA12F74}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | "{87857438-4F00-4348-92AD-74F16EDF9EB9}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{8FA777C7-1DD1-45E6-BEFD-1A5F53474EB3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{932751F5-DABC-49D8-AA2D-B85EEFB9B148}" = dir=in | app=c:\program files\iminent\iminent.exe | "{9A3372B9-E197-4D95-8F80-1C12B684B41F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{9D0BD02F-605D-4709-93FF-83E122157731}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{9D310DFF-07AE-439E-A4BC-11A995722D3B}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | "{9DC6CC51-378E-4F99-BE35-17AD41876E68}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{A39CC5C2-E60F-4024-A637-FD7A5ADA49EC}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe | "{AB6D129E-D635-4DDE-9D0A-B736C797A9A4}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | "{B15D7890-23C5-42B8-B2F8-137493D616CE}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | "{B162D5CF-572E-4710-8609-99939B49FA8A}" = protocol=6 | dir=in | app=c:\program files\searchcore toolbar\datamngr\toolbar\dtuser.exe | "{BB6AFD29-9EFE-4C18-AAFD-788FC56A5705}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | "{BCE39F8E-D8F9-4FC9-9022-E30F13F5F27F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | "{C3365705-7CBC-45DE-A995-75B19527897C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | "{C75A935C-9C37-47EA-9BB5-30BD9A72F04C}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe | "{CCAE7F94-B7AF-454D-BD5F-D8FEDFE759FD}" = protocol=6 | dir=out | app=system | "{CCE987B1-79E2-4E94-9D51-E280B179C680}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{CF24C354-5803-4F1C-A6DF-EFB0EFE7F8D1}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | "{D2737553-9768-45A0-8417-42313D0E0E53}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{D8A93B79-0081-43E4-A2D1-39DF92263187}" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\utorrent\utorrent.exe | "{DDE3976C-71AF-4FA3-B10D-FE2149B847F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | "{E299829F-18F1-4A73-89A1-59C554E311AF}" = protocol=17 | dir=in | app=c:\program files\searchcore toolbar\datamngr\toolbar\dtuser.exe | "{E852702D-0C1F-4B50-A4FA-0E798499F6F7}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe | "{EBB3823B-0215-461E-9C2A-44A146405FEF}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe | "{EBC19F37-613E-4CE1-AF91-923A530F0B5C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{ED5B6F1D-3A61-4400-88A9-88F7DEE1A92C}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe | "{F71AFA24-62EC-4BB3-BDC0-E3355DCE274F}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{F9E478C4-67A1-466C-A1DC-995904C432CA}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{FDFCBD42-01E9-4FE1-B761-2C80C2886297}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "TCP Query User{46FE849C-2F05-4133-821E-6034DF805483}C:\program files\downvision\downvision.exe" = protocol=6 | dir=in | app=c:\program files\downvision\downvision.exe | "TCP Query User{BFD98D2C-3220-49DB-9B7A-E585B238E95C}F:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=f:\games\world_of_tanks\wotlauncher.exe | "TCP Query User{D78C1674-8C1F-4E7B-8C1C-F9049BFF5EB3}F:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=f:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{153953B5-FAA4-4B6D-B807-B451EA760E57}C:\program files\downvision\downvision.exe" = protocol=17 | dir=in | app=c:\program files\downvision\downvision.exe | "UDP Query User{6EA1275B-A126-4BBB-947D-C5F2532A90FA}F:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=f:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{CF7AB5AD-E054-4D9B-AF95-22FDF1286E03}F:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=f:\games\world_of_tanks\wotlauncher.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0DFFF131-8BA6-4236-850C-7279B9C446F1}" = LibreOffice 3.5 "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{158104AB-D92E-45BC-8268-5D351C95F6AD}" = Clip Art Collection "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BitGuard "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources "{192A227B-A8C8-4C6D-B939-21FAEB007E1E}" = Google Drive "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{3832FA99-2EDD-41E0-94AD-FBF9FABAFEF9}" = Atheros WLAN Client "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4ABB4D92-0682-4887-A0BC-CE5F920DDD23}" = Watchtower Library 2009 - English "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9 "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68CAE442-579C-4D84-AA5F-253852522ED5}" = PCTroubleshooting "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012 "{6DE4887F-138F-4A34-B792-5F250440708D}" = ZoneAlarm Firewall "{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0 "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client "{76D809C3-5493-44C2-80AF-E5DF1690A74F}" = Snap.Do "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0137-0409-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter "{954146E0-49FF-4039-AF58-2257506C7D45}" = ZoneAlarm Firewall "{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}" = BatteryLifeExtender "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Polish "{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B769E2BD-8A06-4B03-9496-5B991025A2C6}" = ZoneAlarm Security "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF687AD3-80CD-431E-A50F-25DD8F9C96C3}" = Iminent "{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}" = Updater "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F484A787-0E16-4B4B-A24E-66F5E2015E39}" = ZoneAlarm Security "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "bi_uninstaller" = Bundled software uninstaller "Bullzip PDF Printer_is1" = Bullzip PDF Printer 9.2.0.1499 "CCleaner" = CCleaner "DAEMON Tools Lite" = DAEMON Tools Lite "DealPly" = DealPly "FinalMediaPlayer_is1" = Final Media Player 2011 "HDMI" = Intel(R) Graphics Media Accelerator Driver "IMBoosterARP" = Iminent "iminent" = Iminent Toolbar on IE and Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "LG Internet Kit" = LG Internet Kit "LG PC Suite IV" = LG PC Suite IV "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 25.0.1 (x86 en-GB)" = Mozilla Firefox 25.0.1 (x86 en-GB) "MozillaMaintenanceService" = Mozilla Maintenance Service "NetSight" = Nielsen "Office14.SingleImage" = Microsoft Office Home and Business 2010 "Optimizer Pro_is1" = Optimizer Pro v3.2 "PackageTracer_69bar Uninstall Internet Explorer" = PackageTracer Internet Explorer Toolbar "PDF Creator" = PDF Creator "PriceGong" = PriceGong 2.6.4 "PROHYBRIDR" = 2007 Microsoft Office system "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "TubeDimmer" = Tube Dimmer "Wajam" = Wajam "Windows Searchcore Toolbar" = Searchcore Toolbar "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.00 (32-bit) "WinToFlash Suggestor" = WinToFlash Suggestor "Xvid Video Codec 1.3.1" = Xvid Video Codec "ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall "ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar "ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{9ad1f646-11ea-4f1c-bfb2-956063fddc59}" = Snap.Do Engine "DigitalSite" = Update for PDF Creator "FoxTab Media Player" = FoxTab Media Player "TidyNetwork" = TidyNetwork [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 02/07/2012 08:06:55 | Computer Name = Robus-PC | Source = Windows Search Service | ID = 3013 Description = Error - 02/07/2012 08:06:55 | Computer Name = Robus-PC | Source = Windows Search Service | ID = 3013 Description = Error - 02/07/2012 08:06:55 | Computer Name = Robus-PC | Source = Windows Search Service | ID = 3013 Description = Error - 02/07/2012 08:06:55 | Computer Name = Robus-PC | Source = Windows Search Service | ID = 3013 Description = Error - 02/07/2012 08:06:55 | Computer Name = Robus-PC | Source = Windows Search Service | ID = 3013 Description = Error - 02/07/2012 08:06:55 | Computer Name = Robus-PC | Source = Windows Search Service | ID = 3013 Description = Error - 02/07/2012 08:35:35 | Computer Name = Robus-PC | Source = MsiInstaller | ID = 11316 Description = Error - 02/07/2012 09:04:00 | Computer Name = Robus-PC | Source = MsiInstaller | ID = 10005 Description = Error - 02/07/2012 09:08:57 | Computer Name = Robus-PC | Source = WinMgmt | ID = 10 Description = Error - 02/07/2012 10:12:29 | Computer Name = Robus-PC | Source = VSS | ID = 8194 Description = [ System Events ] Error - 14/11/2013 16:29:54 | Computer Name = Robus-PC | Source = Service Control Manager | ID = 7024 Description = Error - 14/11/2013 16:29:59 | Computer Name = Robus-PC | Source = Service Control Manager | ID = 7034 Description = Error - 14/11/2013 16:29:59 | Computer Name = Robus-PC | Source = Service Control Manager | ID = 7026 Description = Error - 14/11/2013 16:33:13 | Computer Name = Robus-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 15/11/2013 13:24:03 | Computer Name = Robus-PC | Source = Service Control Manager | ID = 7030 Description = Error - 15/11/2013 13:56:03 | Computer Name = Robus-PC | Source = Service Control Manager | ID = 7031 Description = Error - 15/11/2013 14:15:44 | Computer Name = Robus-PC | Source = Service Control Manager | ID = 7031 Description = Error - 15/11/2013 14:51:14 | Computer Name = Robus-PC | Source = iaStor | ID = 262153 Description = The device, \Device\Ide\iaStor0, did not respond within the timeout period. Error - 17/11/2013 04:58:06 | Computer Name = Robus-PC | Source = Service Control Manager | ID = 7011 Description = Error - 18/11/2013 06:41:19 | Computer Name = Robus-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = < End of report > drugi log: OTL logfile created on: 18/11/2013 17:12:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robus\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.96 Gb Total Physical Memory | 0.46 Gb Available Physical Memory | 23.26% Memory free 4.15 Gb Paging File | 1.81 Gb Available in Paging File | 43.51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 109.88 Gb Total Space | 42.58 Gb Free Space | 38.75% Space Free | Partition Type: NTFS Drive D: | 3.68 Gb Total Space | 2.58 Gb Free Space | 70.21% Space Free | Partition Type: FAT32 Drive F: | 110.00 Gb Total Space | 27.75 Gb Free Space | 25.23% Space Free | Partition Type: NTFS Computer Name: ROBUS-PC | User Name: Robus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/11/18 17:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robus\Downloads\OTL.exe PRC - [2013/11/15 17:41:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/11/14 17:57:22 | 000,143,488 | ---- | M] () -- c:\Program Files\Optimizer Pro\OptProCrash.exe PRC - [2013/11/07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe PRC - [2013/11/07 09:05:47 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe PRC - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe PRC - [2013/10/28 19:22:50 | 001,177,080 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProReminder.exe PRC - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe PRC - [2013/10/25 23:07:48 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe PRC - [2013/10/23 20:06:28 | 000,313,208 | ---- | M] (Updater) -- C:\ProgramData\Updater\updater.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\IeHelper\IeHelper.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe PRC - [2013/10/20 08:00:19 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe PRC - [2013/10/06 15:41:00 | 000,021,536 | ---- | M] (Smartbar) -- C:\Users\Robus\AppData\Local\Smartbar\Application\SnapDo.exe PRC - [2013/09/25 16:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe PRC - [2013/07/10 19:28:16 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe PRC - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe PRC - [2012/08/07 13:12:07 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2011/12/10 11:07:30 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2011/05/03 18:46:18 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2008/01/21 02:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/11/15 17:41:18 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/11/14 20:31:18 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_elementtree.pyd MOD - [2013/11/14 20:31:18 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32api.pyd MOD - [2013/11/14 20:31:18 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_socket.pyd MOD - [2013/11/14 20:31:18 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32ts.pyd MOD - [2013/11/14 20:31:17 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pysqlite2._sqlite.pyd MOD - [2013/11/14 20:31:17 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32com.shell.shell.pyd MOD - [2013/11/14 20:31:17 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_multiprocessing.pyd MOD - [2013/11/14 20:31:16 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._html2.pyd MOD - [2013/11/14 20:31:16 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32crypt.pyd MOD - [2013/11/14 20:31:15 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._gdi_.pyd MOD - [2013/11/14 20:31:15 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\windows._cacheinvalidation.pyd MOD - [2013/11/14 20:31:14 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ctypes.pyd MOD - [2013/11/14 20:31:14 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32profile.pyd MOD - [2013/11/14 20:31:13 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pythoncom27.dll MOD - [2013/11/14 20:31:12 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._misc_.pyd MOD - [2013/11/14 20:31:09 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pywintypes27.dll MOD - [2013/11/14 20:31:08 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._core_.pyd MOD - [2013/11/14 20:31:08 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32security.pyd MOD - [2013/11/14 20:31:06 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ssl.pyd MOD - [2013/11/14 20:31:04 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32process.pyd MOD - [2013/11/14 20:31:04 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32pdh.pyd MOD - [2013/11/14 20:31:03 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_hashlib.pyd MOD - [2013/11/14 20:31:02 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._windows_.pyd MOD - [2013/11/14 20:31:01 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._wizard.pyd MOD - [2013/11/14 20:31:01 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32file.pyd MOD - [2013/11/14 20:30:59 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32inet.pyd MOD - [2013/11/14 20:30:32 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._controls_.pyd MOD - [2013/11/14 20:30:29 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32event.pyd MOD - [2013/11/14 20:30:27 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\unicodedata.pyd MOD - [2013/11/14 20:30:27 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pyexpat.pyd MOD - [2013/11/14 20:30:26 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\select.pyd MOD - [2013/11/14 17:54:26 | 000,146,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll MOD - [2013/10/20 08:49:48 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll MOD - [2013/10/20 08:48:06 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll MOD - [2013/10/20 08:00:16 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013/10/06 15:41:26 | 000,030,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srut.dll MOD - [2013/10/06 15:41:24 | 000,020,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srsbs.dll MOD - [2013/10/06 15:41:22 | 000,246,304 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srns.dll MOD - [2013/10/06 15:41:22 | 000,014,880 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srpdm.dll MOD - [2013/10/06 15:41:18 | 000,055,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srau.dll MOD - [2013/10/06 15:41:16 | 000,055,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\spbl.dll MOD - [2013/10/06 15:41:16 | 000,049,184 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\sppsm.dll MOD - [2013/10/06 15:41:12 | 000,053,280 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll MOD - [2013/10/06 15:41:12 | 000,025,632 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll MOD - [2013/10/06 15:41:10 | 000,112,672 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll MOD - [2013/10/06 15:41:10 | 000,017,440 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll MOD - [2013/10/06 15:41:08 | 000,150,560 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll MOD - [2013/10/06 15:41:06 | 000,057,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll MOD - [2013/10/06 15:41:04 | 001,808,416 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll MOD - [2013/10/06 15:41:04 | 000,034,848 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll MOD - [2013/10/06 15:41:04 | 000,014,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll MOD - [2013/10/06 15:41:02 | 000,726,048 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll MOD - [2013/10/06 15:41:02 | 000,082,464 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll MOD - [2013/10/06 15:40:58 | 000,014,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\sgml.dll MOD - [2013/10/06 15:40:58 | 000,013,344 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\siem.dll MOD - [2013/10/06 15:40:26 | 000,048,160 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll MOD - [2013/10/06 15:13:44 | 000,193,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\sgmu.dll MOD - [2013/10/06 15:12:46 | 000,068,640 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll MOD - [2013/09/30 03:21:03 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll MOD - [2013/09/30 03:19:02 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64fe2235e06dc8fd69a2fd3f6022553c\System.Web.Services.ni.dll MOD - [2013/09/30 02:49:43 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll MOD - [2013/09/30 02:48:52 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll MOD - [2013/09/30 02:46:38 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll MOD - [2013/07/13 08:28:16 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2cd2c82bbe22932ed5b4d51c3b5059eb\CustomMarshalers.ni.dll MOD - [2013/07/13 08:07:05 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll MOD - [2013/04/19 15:33:50 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll MOD - [2013/03/20 15:55:22 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npfirefoxprocessor.dll MOD - [2013/03/20 15:54:10 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npwmi.dll MOD - [2013/03/20 15:53:56 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsurvey.dll MOD - [2013/03/20 15:53:48 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsp1.dll MOD - [2013/03/20 15:53:38 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\communication.dll MOD - [2009/10/08 19:31:44 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll MOD - [2009/03/30 04:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2013/11/15 17:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/11/14 17:57:22 | 000,143,488 | ---- | M] () [Auto | Running] -- c:\Program Files\Optimizer Pro\OptProCrash.exe -- (ca82e1a5) SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service) SRV - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection) SRV - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2013/10/20 08:00:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService) SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/07/10 19:28:16 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater) SRV - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate) SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/21 02:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/21 02:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2013/09/29 23:30:48 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2013/06/13 16:34:06 | 000,452,120 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant) DRV - [2013/03/20 15:52:42 | 000,023,008 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk) DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010/05/12 03:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB) DRV - [2009/12/17 15:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009/07/03 17:21:00 | 000,168,448 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/04/11 04:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2008/01/21 02:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006/11/14 00:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2006/11/02 07:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/11/02 07:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515&ref=toolbox&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ss&mntrId=4C05002454208E82&affID=120007&tsp=5027 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AFW^xdm004^YYA^gb&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&si=CPD09PGo0roCFQ7LtAodBmcAtQ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found IE - HKCU\..\URLSearchHook: {97ef77e6-97be-4204-a890-2485903c5624} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.bing.com/search?FORM=UP31DF&PC=UP31&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515&ref=toolbox&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "StartWeb" FF - prefs.js..browser.search.order.1: "Secure Search" FF - prefs.js..browser.search.selectedEngine: "StartWeb" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..extensions.enabledAddons: 69ffxtbr%40PackageTracer_69.com:5.40.2.43053 FF - prefs.js..extensions.enabledAddons: %7Bf35b3d43-735b-29de-1ac7-4e569be965a6%7D:1.1 FF - prefs.js..extensions.enabledAddons: TidyNetwork%40TidyNetwork:5.0 FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.48 FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0 FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:7.43.4.1 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40iminent.com:1.6.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={559CE969-7E04-43B1-BF56-2F90A256442B}&Version=3.6.5&Vintage=20120727&Defaultbrowserid=30&Productid=2869&Vendorid=6413&Offerid=16934&searchterm=" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.tb: "Ask Web Search" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.tb: "Ask Web Search" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..browser.startup.homepage: "true" FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&ind=2013110910&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&searchfor=" FF - prefs.js..network.proxy.type: 4 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\npfirefoxtracker.dll File not found FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Robus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Robus\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\Robus\AppData\Local\RewardsArcade\498\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013/07/10 19:28:16 | 000,037,909 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] [2013/10/04 21:28:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Extensions [2013/11/15 17:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions [2013/09/29 23:58:59 | 000,000,000 | ---D | M] ("WinToFlash Suggestor") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3} [2013/09/29 23:22:45 | 000,000,000 | ---D | M] (Wajam) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} [2013/02/15 17:56:29 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013/11/14 19:41:03 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013/02/04 17:29:55 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2013/11/14 17:56:34 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{f35b3d43-735b-29de-1ac7-4e569be965a6} [2012/06/06 21:35:57 | 000,000,000 | ---D | M] (MapsGalaxy) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\39ffxtbr@MapsGalaxy_39.com [2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com [2012/07/02 13:29:47 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@funmoods.com [2013/11/15 17:25:48 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@iminent.com [2013/11/14 19:41:05 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com [2012/07/02 12:06:26 | 000,000,000 | ---D | M] (RivalGaming) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\links@rivalgaming.com [2013/11/14 19:30:09 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\support@tubedimmerapp.com [2013/11/14 17:57:33 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\TidyNetwork@TidyNetwork [2013/11/14 17:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions [2012/07/02 13:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\staged [2013/11/14 17:57:40 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\TidyNetwork@TidyNetwork [2013/11/14 14:22:56 | 000,608,410 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\webbooster@iminent.com.xpi [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/03/21 07:15:42 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\pm2306dz.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/11/15 17:25:49 | 000,001,368 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\iminent.xml [2013/11/14 17:56:10 | 000,002,437 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\Web Search.xml [2013/11/14 18:27:01 | 000,001,500 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\zonealarm.xml [2013/11/15 17:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/11/15 17:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013/11/15 17:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013/11/15 17:41:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/01/10 14:08:36 | 000,002,147 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\StartWeb.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515 CHR - homepage: http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515 CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.5\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.4_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdlgjgaamffjidnpeddnekffilecamo\5.0.0.0_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.46.2.1_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\ O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found O2 - BHO: (iminent Helper Object) - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files\IminentToolbar\1.8.26.8\bh\iminent.dll (Iminent) O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll (PriceGong) O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found O2 - BHO: (Tube Dimmer) - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll (Creative Island Media, LLC) O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (DataMngr) - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files\Searchcore Toolbar\Datamngr\BrowserConnection.dll (Discordia , LTD) O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark) O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam) O2 - BHO: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - No CLSID value found. O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found. O2 - BHO: (WinToFlash Suggestor) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Iminent Toolbar) - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files\IminentToolbar\1.8.26.8\iminentTlbr.dll (Iminent) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found. O3 - HKLM\..\Toolbar: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent) O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent) O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [PackageTracer Search Scope Monitor] C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe (MindSpark) O4 - HKLM..\Run: [PackageTracer_69 Browser Plugin Loader] C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe (VER_COMPANY_NAME) O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Robus\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google) O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe () O4 - HKCU..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC) O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC) O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.11.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A7C213F-BD10-4507-9ECF-0A4CB9E8F770}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found O18 - Protocol\Handler\rebinfo - No CLSID value found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell\AutoRun\command - "" = D:\DPFMate.exe O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/11/15 17:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar [2013/11/15 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Iminent [2013/11/15 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent [2013/11/15 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent [2013/11/15 17:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella [2013/11/15 17:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent [2013/11/14 19:51:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/11/14 19:51:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/11/14 19:51:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/11/14 19:51:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/11/14 19:51:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/11/14 19:50:59 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/11/14 19:50:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/11/14 19:50:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/11/14 18:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2013/11/14 18:31:16 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys [2013/11/14 18:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD [2013/11/14 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Check Point Software Technologies LTD [2013/11/14 18:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\Documents\Optimizer Pro [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Optimizer Pro [2013/11/14 17:57:29 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\TidyNetwork [2013/11/14 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 [2013/11/14 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers [2013/11/14 17:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TubeDimmer [2013/11/14 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Smartbar [2013/11/14 17:29:52 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Avg2014 [2013/11/13 09:22:52 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69 [2013/11/06 11:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS [2013/11/06 11:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator [2013/11/06 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2013/11/06 11:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\DigitalSite [2013/10/29 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard [2013/10/20 07:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2012/03/03 09:17:15 | 002,371,152 | ---- | C] (DownVision ) -- C:\Users\Robus\AppData\Local\setup.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/11/18 17:28:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/11/18 17:20:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000UA.job [2013/11/18 17:00:00 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\RGames Updater.job [2013/11/18 16:43:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job [2013/11/18 16:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/11/18 16:39:28 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\DigitalSite.job [2013/11/18 16:39:24 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/11/18 16:39:24 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/11/18 14:20:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000Core.job [2013/11/18 10:36:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/11/17 09:28:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/11/15 17:51:22 | 000,002,523 | ---- | M] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:48 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 20:36:12 | 000,648,680 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/11/14 20:36:12 | 000,124,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/11/14 20:29:42 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013/11/14 19:43:05 | 000,417,569 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 19:26:12 | 000,001,288 | ---- | M] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:25:12 | 000,210,992 | ---- | M] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:25:12 | 000,023,088 | ---- | M] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | M] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | M] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:26 | 000,000,639 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | M] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/14 17:57:20 | 000,000,859 | ---- | M] () -- C:\Users\Robus\Desktop\Optimizer Pro.lnk [2013/11/14 17:56:10 | 000,002,108 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/14 17:56:10 | 000,002,084 | ---- | M] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/13 13:38:27 | 000,000,000 | ---- | M] () -- C:\end [2013/11/09 20:34:04 | 000,001,875 | ---- | M] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:43 | 001,094,600 | ---- | M] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/05 18:48:26 | 001,608,730 | ---- | M] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/11/01 19:26:26 | 006,801,542 | ---- | M] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/01 18:43:00 | 002,478,596 | ---- | M] () -- C:\Users\Robus\Desktop\salon.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL [2013/10/20 12:40:58 | 002,127,163 | ---- | M] () -- C:\Users\Robus\Desktop\koza.jpg [2013/10/20 08:40:49 | 000,412,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/10/20 08:00:20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/10/20 08:00:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/11/15 18:30:50 | 000,513,136 | ---- | C] () -- C:\Users\Robus\Desktop\Silent Runners.vbs [2013/11/15 17:38:41 | 000,002,523 | ---- | C] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:39 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 19:26:12 | 000,001,288 | ---- | C] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:24:48 | 000,210,992 | ---- | C] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:24:48 | 000,023,088 | ---- | C] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | C] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | C] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:57 | 000,417,569 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 18:32:26 | 000,000,639 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | C] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/14 17:57:20 | 000,000,859 | ---- | C] () -- C:\Users\Robus\Desktop\Optimizer Pro.lnk [2013/11/14 17:56:10 | 000,002,108 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/14 17:56:10 | 000,002,084 | ---- | C] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/13 09:22:52 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2013/11/09 20:34:04 | 000,001,875 | ---- | C] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:54 | 001,094,600 | ---- | C] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/08 08:18:59 | 002,127,163 | ---- | C] () -- C:\Users\Robus\Desktop\koza.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | C] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/06 11:40:27 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll [2013/11/06 11:39:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\DigitalSite.job [2013/11/05 20:08:53 | 006,801,542 | ---- | C] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/05 20:07:51 | 002,478,596 | ---- | C] () -- C:\Users\Robus\Desktop\salon.jpg [2013/11/05 18:45:35 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol2.jpg [2013/11/05 18:45:08 | 004,445,439 | ---- | C] () -- C:\Users\Robus\Desktop\sofa.jpg [2013/11/05 18:44:18 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol1.jpg [2013/11/05 18:44:02 | 005,407,789 | ---- | C] () -- C:\Users\Robus\Desktop\stol.jpg [2013/11/05 18:40:07 | 001,608,730 | ---- | C] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL [2013/03/07 19:33:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2013/03/07 19:33:09 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2013/02/09 15:48:57 | 000,026,900 | ---- | C] () -- C:\Users\Robus\AppData\Local\dt.dat [2012/06/30 13:41:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2012/03/03 09:17:16 | 000,000,972 | ---- | C] () -- C:\Users\Robus\AppData\Local\Darmowe.Wzory.Ulotek.Reklamowych.torrent [2012/02/15 20:10:02 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012/02/15 20:10:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/12/08 19:31:23 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011/12/08 19:31:23 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011/06/28 07:26:54 | 000,024,334 | ---- | C] () -- C:\Users\Robus\AppData\Local\umowa poadzialu.pdf [2011/06/17 14:34:06 | 000,000,000 | ---- | C] () -- C:\Users\Robus\AppData\Local\{78F2DA2B-44D9-40DC-9367-6AF299E2187A} [2010/08/16 16:05:07 | 000,046,278 | ---- | C] () -- C:\Users\Robus\WSR Invoice - Mr. R. Plummer - 2452.pdf [2010/06/26 21:06:37 | 000,123,392 | ---- | C] () -- C:\Users\Robus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐 [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐 [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 (C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x (C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ (C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ (C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š (C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò (C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ (C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ (C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ (C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē (C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é (C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á (C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ (C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ (C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 (C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬ (C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 (C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 (C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś (C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0 (C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 (C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦潣⽭灡獰洯獳㌯〮栯汥獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐 (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ (C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ (C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ (C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 (C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2683706C @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720 < End of report > wkleilam dwa bo po zakonczeniu skanowania otl wyskoczyly mi dwa pliki teksotwe,ktore wlasnie tu umiescilam prosze o pomoc
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.